On Tue, 3 Nov 2015, Richard Mealing wrote:
So I'm looking for something that would block this -
fastnet.co.uk.12056010.bob.jones885@vmta27.toprea...
I was thinking of just creating a rule to sort this out with something like -
^fastnet\.co\.uk.\d+..*@
header FROM_IS_FAKE_FASTNET From =~ /^fastnet\.co\.uk.\d+..*@/i
score FROM_IS_FAKE_FASTNET 1.0
describe FROM_IS_FAKE_FASTNET from contains fastnet.co.uk_something_@
But I wondered if there was a better way to do it. Would this work do
you think? Obviously this would only catch the items on my own domain,
so it's not a brilliant solution. I was wondering if anyone wrote
something better.
So, to generalize the pattern: *your* (the recipient) domain is
(somewhere) in the username part of the From email address?
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Where are my space habitats? Where is my flying car?
It's 2010 and all I got from the SF books of my youth
is the lousy dystopian government. -- perlhaqr
-----------------------------------------------------------------------
8 days until Veterans Day
